Activate MFA on the Root Account
Learn how tos secure the root account by enabling MFA.
We'll cover the following
Keeping our account safe#
The root account has massive importance. It has all privileges, including billing, so even if you create an IAM user and give them full administrative privileges to your account, there are still a few privileges that they don’t get. Since the root account has everything, it is an extremely important account, and it’s the one that you really need to secure.
When we talk about multi-factor authentication, we’re talking about using more than one type of tool for authentication. Those different types of authentication can be something you know, like a username and password, something you have, which is a physical device of some sort or something that generates a code, and then there’s something that you are, which means biometrics, for instance, retina scans or fingerprints. In the case of AWS, we’re going to use two factors of authentication. One of them will be something that we know, which is our username and password. The other will be something that we have, and that’s going to be a multifactor authentication device.
In this lesson, we will activate MFA on the root account.
1 of 16
2 of 16
3 of 16
4 of 16
5 of 16
6 of 16
7 of 16
8 of 16
9 of 16
10 of 16
11 of 16
12 of 16
13 of 16
14 of 16
15 of 16
16 of 16
Hit the RUN button below to open up a browser window here. This will make it easy for you to follow along.
/
You now have the extra factor of authentication on your account. Even if someone finds out what your password is, they won’t be able to log in without also having access to Google Authenticator on your phone.
Setting up a Billing Alarm
Creating an IAM User and a Group